Refactor OAuth 2.0 code into app layer (#6037)

1 files changed, 31 insertions, 0 deletions

diff --git a/app/team.go b/app/team.go
index 327ab7f3e..d4e6d6308 100644
--- a/app/team.go
+++ b/app/team.go
@@ -6,6 +6,7 @@ package app
 import (
 	"fmt"
 	"net/http"
+	"net/url"
 	"strconv"
 	"strings"
 
@@ -747,3 +748,33 @@ func GetTeamStats(teamId string) (*model.TeamStats, *model.AppError) {
 
 	return stats, nil
 }
+
+func GetTeamIdFromQuery(query url.Values) (string, *model.AppError) {
+	hash := query.Get("h")
+	inviteId := query.Get("id")
+
+	if len(hash) > 0 {
+		data := query.Get("d")
+		props := model.MapFromJson(strings.NewReader(data))
+
+		if !model.ComparePassword(hash, fmt.Sprintf("%v:%v", data, utils.Cfg.EmailSettings.InviteSalt)) {
+			return "", model.NewAppError("GetTeamIdFromQuery", "api.oauth.singup_with_oauth.invalid_link.app_error", nil, "", http.StatusBadRequest)
+		}
+
+		t, err := strconv.ParseInt(props["time"], 10, 64)
+		if err != nil || model.GetMillis()-t > 1000*60*60*48 { // 48 hours
+			return "", model.NewAppError("GetTeamIdFromQuery", "api.oauth.singup_with_oauth.expired_link.app_error", nil, "", http.StatusBadRequest)
+		}
+
+		return props["id"], nil
+	} else if len(inviteId) > 0 {
+		if result := <-Srv.Store.Team().GetByInviteId(inviteId); result.Err != nil {
+			// soft fail, so we still create user but don't auto-join team
+			l4g.Error("%v", result.Err)
+		} else {
+			return result.Data.(*model.Team).Id, nil
+		}
+	}
+
+	return "", nil
+}